+3

Preventing Spam / SEO Abuse User Accounts?

Ian McPhee 5 months ago in BLOX CMS • updated 4 months ago 3

Hey ya'll,


Yesterday, I noticed that a person named xxxx Hairdryer made a User account. Their email address was "xxxx@yeah.net" and their bio, while hilarious: 

"What is going to be open today is a hair dryer, a hair dryer that all the girls love, a hair dryer that initiates innovative revolution, a hair dryer of four hundred pounds, and that’s right – it’s the xxxxx Supersonic hair dryer."

("xxxx" instead of the company name, as to not SEO them here too)


...confirmed to me that this was another account made to boost some SEO off of our User system. Usually these accounts have something listed in the "Home page" field, which as I understand it, is essentially like us having a link to their site from our site (a coveted opportunity, if I'm not mistaken). I think you can see the ones that are doing well for themselves if you parameter your Analytics to /user pages. Sometimes these are easy to spot at a glance when looking at your Users, as many are pretty foreign sounding names, or email accounts like @robot-mail.com but sometimes are names like Dallas Moore, and you don't realize until you open their bio and see whatever bogus link / info they've got. Calendar spammers typically leave their bios blank and instead, try to submit events for medical conferences in Dubai or Spain with a link in the website field.

The reason I'm worried about these (they are easy / entertaining enough to ban manually, but that's not ideal ) is that they are auto-opting into my Email Reach as well, effectively messing up my Open / Bounce rates. My intern is "bot-hunting" this stuff right now, but I could see there being more problems in the future.

I'm wondering how these accounts are getting past the email verification step? Also, kind of related - it sucks that the email verification goes to so many folks' spam folder. I probably tell three people to check it a week.

What does everyone else do to combat this stuff?

+1

Wow! You're right. I just had a look at some of our users, and I have a bunch of clearly spam accounts. Escort services, gambling, "enlargement" services, etc...

The sign-up form has a captcha, but how are these getting though? Are actual humans doing the sign-up? If so, how are they finding our random website (we're a student newspaper) when there are much larger places to attack?

They're finding your website because the spammers have discovered that BLOX websites have this issue.

It's pretty easy to find all websites that share a common IP address. Do a google search for "find all websites on ip"

Use one of those websites and put in your website domain... you'll see all/most of the other BLOX sites in the same datacenter.

https://hackertarget.com/reverse-ip-lookup/

or https://www.bing.com/search?q=ip%3A192.104.182.209

Ugh, yeah, I figured as much. Luckily the "homepage" field of user profiles is being removed soon.


Not sure how to go about preventing calendar spammers still though.